vendredi 15 février 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

AVEVA InduSoft Web Studio/InTouch Edge HMI Database Connection privilege escalation

A vulnerability, which was classified as critical, was found in AVEVA InduSoft Web Studio and InTouch Edge HMI. This affects a function of the component Database Connection. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

AVEVA InduSoft Web Studio/InTouch Edge HMI privilege escalation

A vulnerability, which was classified as critical, has been found in AVEVA InduSoft Web Studio and InTouch Edge HMI. Affected by this issue is some functionality. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

WECON LeviStudioU up to 1.8.56 Code Execution memory corruption

A vulnerability classified as critical was found in WECON LeviStudioU up to 1.8.56. Affected by this vulnerability is the functionality. The manipulation with an unknown input leads to a memory corruption vulnerability (Code Execution). The CWE...
Auteur: VulDB

WECON LeviStudioU up to 1.8.56 Heap-based memory corruption

A vulnerability classified as critical has been found in WECON LeviStudioU up to 1.8.56. Affected is an unknown function. The manipulation with an unknown input leads to a memory corruption vulnerability (Heap-based). CWE is classifying the...
Auteur: VulDB

WECON LeviStudioU up to 1.8.56 Project File Stack-based memory corruption

A vulnerability was found in WECON LeviStudioU up to 1.8.56. It has been rated as critical. This issue affects some processing of the component Project File Handler. The manipulation with an unknown input leads to a memory corruption...
Auteur: VulDB

Rarlab WinRar up to 5.59 Archive Out-of-Bounds memory corruption

A vulnerability has been found in Rarlab WinRar up to 5.59 (File Compression Software) and classified as critical. Affected by this vulnerability is a functionality of the component Archive Handler. The manipulation with an unknown input leads...
Auteur: VulDB

Atlassian JIRA up to 7.13.0 VerifyPopServerConnection Server-Side Request Forgery

A vulnerability was found in Atlassian JIRA up to 7.13.0 (Bug Tracking Software) and classified as critical. This issue affects a part of the component VerifyPopServerConnection. The manipulation with an unknown input leads to a privilege...
Auteur: VulDB

Atlassian JIRA up to 7.6.9/7.12.3/7.13.0 Two-Dimensional Filter Statistics Gadget cross site scripting

A vulnerability has been found in Atlassian JIRA up to 7.6.9/7.12.3/7.13.0 (Bug Tracking Software) and classified as problematic. This vulnerability affects a functionality of the component Two-Dimensional Filter Statistics Gadget. The...
Auteur: VulDB

TIBCO Silver Fabric up to 5.8.1 SOAP Admin API Reflected cross site scripting

A vulnerability, which was classified as problematic, was found in TIBCO Silver Fabric up to 5.8.1. This affects a function of the component SOAP Admin API. The manipulation with an unknown input leads to a cross site scripting vulnerability...
Auteur: VulDB

OpenAM 13.0 Session privilege escalation

A vulnerability, which was classified as critical, has been found in OpenAM 13.0. Affected by this issue is some functionality of the component Session Handler. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

msmtp 1.8.2 Certificate Validation weak authentication

A vulnerability, which was classified as critical, was found in msmtp 1.8.2. Affected is a function of the component Certificate Validation Handler. The manipulation with an unknown input leads to a weak authentication vulnerability. CWE is...
Auteur: VulDB

SchoolCMS 2.3.1 index.php id cross site scripting

A vulnerability, which was classified as problematic, has been found in SchoolCMS 2.3.1 (Content Management System). This issue affects some functionality of the file index.php?a=Index&c=Channel&m=Home. The manipulation of the argument id with...
Auteur: VulDB

SchoolCMS 2.3.1 index.php viewid cross site scripting

A vulnerability classified as problematic was found in SchoolCMS 2.3.1 (Content Management System). This vulnerability affects the functionality of the file index.php?a=Index&c=Channel&m=Home. The manipulation of the argument viewid with an...
Auteur: VulDB

POWER EGG EL Expression privilege escalation [CVE-2019-5916]

A vulnerability was found in POWER EGG. It has been rated as critical. Affected by this issue is some processing of the component EL Expression Handler. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using...
Auteur: VulDB

OpenAM 13.0 Open Redirect [CVE-2019-5915]

A vulnerability was found in OpenAM 13.0. It has been declared as critical. Affected by this vulnerability is a code block. The manipulation with an unknown input leads to a privilege escalation vulnerability (Redirect). The CWE definition for...
Auteur: VulDB

V20 PRO L-01J L01J20c/L01J20d Access Point Crash denial of service

A vulnerability was found in V20 PRO L-01J L01J20c/L01J20d. It has been classified as problematic. Affected is code of the component Access Point Handler. The manipulation with an unknown input leads to a denial of service vulnerability (Crash)....
Auteur: VulDB

LHMelting up to 1.65.3.6 DLL Loader privilege escalation

A vulnerability was found in LHMelting up to 1.65.3.6 and classified as problematic. This issue affects a part of the component DLL Loader. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to...
Auteur: VulDB

UNARJ32.DLL up to 1.10.1.25 DLL Loader privilege escalation

A vulnerability has been found in UNARJ32.DLL up to 1.10.1.25 and classified as problematic. This vulnerability affects a functionality of the component DLL Loader. The manipulation with an unknown input leads to a privilege escalation...
Auteur: VulDB

UNLHA32.DLL up to 2.67.1.2 DLL Loader privilege escalation

A vulnerability, which was classified as problematic, was found in UNLHA32.DLL up to 2.67.1.2. This affects a function of the component DLL Loader. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is...
Auteur: VulDB

House Gate App up to 1.7.8 on iOS directory traversal [CVE-2019-5910]

A vulnerability, which was classified as critical, has been found in House Gate App up to 1.7.8 on iOS. Affected by this issue is some functionality. The manipulation with an unknown input leads to a directory traversal vulnerability. Using CWE...
Auteur: VulDB

Yokogawa B-M9000 License Manager Service privilege escalation

A vulnerability classified as critical was found in Yokogawa CENTUM VP, CENTUM VP Entry Class, ProSafe-RS, PRM and B-M9000. Affected by this vulnerability is the functionality of the component License Manager Service. The manipulation with an...
Auteur: VulDB

Cloud Foundry CredHub CLI up to 2.2.0 Config File Credentials information disclosure

A vulnerability classified as problematic has been found in Cloud Foundry CredHub CLI up to 2.2.0 (Cloud Software). Affected is an unknown function of the component Config File Handler. The manipulation with an unknown input leads to a...
Auteur: VulDB

McAfee True Key up to 3.1.9211.0 Microsoft Windows Client information disclosure

A vulnerability was found in McAfee True Key up to 3.1.9211.0. It has been rated as problematic. This issue affects some processing of the component Microsoft Windows Client. The manipulation with an unknown input leads to a information...
Auteur: VulDB

Google Android NVIDIA Tegra OpenMax Driver memory corruption

A vulnerability was found in Google Android (Smartphone Operating System). It has been declared as critical. This vulnerability affects a code block of the component NVIDIA Tegra OpenMax Driver. The manipulation with an unknown input leads to a...
Auteur: VulDB

Google Android NVIDIA Tegra Library libnvmmlite_video.so privilege escalation

A vulnerability was found in Google Android (Smartphone Operating System). It has been classified as critical. This affects code of the file libnvmmlite_video.so of the component NVIDIA Tegra Library. The manipulation with an unknown input leads...
Auteur: VulDB
12345678910Last

Événements SSI

ACCESSECURITY

AccesSecurity, salon euro-méditerranéen de la sécurité globale, se tient à Marseille (Chanot) les 6 et 7 mars 2019. Organisé par Safim.

IT & IT SECURITY MEETINGS

IT & IT Security Meetings, «salon des réseaux, du cloud, de la mobilité et de la sécurité informatique», se tient à Cannes, Palais des Festivals et des Congrès du 19 au 21 mars 2019. Organisé par Weyou Group.

RSS